random

, urandom

- Strong random number generator device

Synopsis

/dev/random

/dev/urandom

Description

The /dev/random and /dev/urandom files are special files that are a source
for random bytes generated by the kernel random number generator device. The
/dev/random and /dev/urandom files are suitable for applications requiring high quality random numbers
for cryptographic purposes.

The generator device produces random numbers from data and devices available to
the kernel and estimates the amount of randomness (or entropy) collected from
these sources. The entropy level determines the amount of high quality random
numbers that are produced at a given time.

Applications retrieve random bytes by reading /dev/random or /dev/urandom. The /dev/random interface
returns random bytes only when sufficient amount of entropy has been collected.
If there is no entropy to produce the requested number of bytes, /dev/random
blocks until more entropy can be obtained. Non-blocking I/O mode can be
used to disable the blocking behavior. The /dev/random interface also supports poll(2).
Note that using poll(2) does not increase the speed at which random
numbers can be read.

Bytes retrieved from /dev/random provide the highest quality random numbers produced by
the generator, and can be used to generate long term keys and
other high value keying material.

The /dev/urandom interface returns bytes regardless of the amount of entropy available.
It does not block on a read request due to lack of
entropy. While bytes produced by the /dev/urandom interface are of lower quality
than bytes produced by /dev/random, they are nonetheless suitable for less demanding
and shorter term cryptographic uses such as short term session keys, paddings,
and challenge strings.

Data can be written to /dev/random and /dev/urandom. Data written to either
special file is added to the generator's internal state. Data that is
difficult to predict by other users may contribute randomness to the generator
state and help improve the quality of future generated random numbers.

/dev/random collects entropy from providers that are registered with the kernel-level cryptographic
framework and implement random number generation routines. The cryptoadm(1M) utility allows an
administrator to configure which providers is used with /dev/random.

The limitation per read for /dev/random is 1040 bytes. The limit for
/dev/urandom is (128 * 1040).

Errors

EAGAIN

O_NDELAY or O_NONBLOCK was set and no random bytes are available for reading from /dev/random.

EINTR

A signal was caught while reading and no data was transferred.

ENOXIO

open(2) request failed on /dev/random because no entropy provider is available.

Files

/dev/random

/dev/urandom

Attributes

See Also

Notes

/dev/random can be configured to use only the hardware-based providers registered with
the kernel-level cryptographic framework by disabling the software-based provider using cryptoadm(1M). You
can also use cryptoadm(1M) to obtain the name of the software-based provider.

Because no entropy is available, disabling all randomness providers causes read(2) and
poll(2) on /dev/random to block indefinitely and results in a warning message
being logged and displayed on the system console. However, read(2) and poll(2)
on /dev/urandom continue to work in this case.

An implementation of the /dev/random and /dev/urandom kernel-based random number generator first
appeared in Linux 1.3.30.

A /dev/random interface for Solaris first appeared as part of the CryptoRand
implementation.